Known-Key Attack on SM4 Block Cipher

HyungChul KANG  Deukjo HONG  Jaechul SUNG  Seokhie HONG  

IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences   Vol.E100-A   No.12   pp.2985-2990
Publication Date: 2017/12/01
Online ISSN: 1745-1337
DOI: 10.1587/transfun.E100.A.2985
Type of Manuscript: PAPER
Category: Cryptography and Information Security
SM4 block cipher,  known-key distinguisher,  collision attack,  

Full Text: PDF(2.2MB)>>
Buy this Article

We present the first known-key attack on SM4, which is the Chinese standard block cipher made for the wireless LAN WAPI. We make a known-key distinguisher using rebound techniques with the time complexity of 212.75. Then, with the distinguisher, we provide near-collision attacks on MMO and MP hash modes of SM4. Precisely, we find a 104-bit near-collision for 13 rounds of SM4 with the time complexity of 213.30 and a 32-bit near-collision for 17 rounds of SM4 with the time complexity of 212.91. They are much more efficient than generic attacks for the case of random permutation.